<?php
session_start();
include_once './inc/config.inc.php';
include_once './inc/mysql.inc.php';
$link = connect();

$error = '';

if ($_SERVER['REQUEST_METHOD'] == 'POST') {
    $username = escape($link, $_POST['username']);
    $password = escape($link, $_POST['password']);

    $query = "SELECT * FROM users WHERE username='$username' AND password=md5('$password')";
    $result = execute($link, $query);

    if (mysqli_num_rows($result) == 1) {
        $_SESSION['username'] = $username;
        header("Location: admin/simpleTable.php");
        exit;
    } else {
        $error = "用户名或密码错误";
    }
}
?>
<!DOCTYPE html>
<html>
<head>
    <meta charset="UTF-8">
    <meta name="viewport" content="width=device-width, initial-scale=1.0">
    <title>用户登录</title>
    <link rel="stylesheet" href="css/table.css">
    <link rel="stylesheet" href="css/login.css">
</head>
<body>
    <div class="login-container">
        <h2>用户登录</h2>
        <?php if ($error): ?>
            <div style="color: red; margin-bottom: 15px; text-align: center;"><?= $error ?></div>
        <?php endif; ?>
        <form method="post">
            <div class="form-group">
                <input type="text" id="username" name="username" placeholder="用户名" required>
            </div>
            <div class="form-group">
                <input type="password" id="password" name="password" placeholder="密码" required>
            </div>
            <button type="submit" class="btn-login">登录</button>
        </form>
    </div>
</body>
</html>
